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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely, 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)K Responsive to communication(s) filed on 28 May 2004 . 
2a)E3 This action is FINAL. 2b)D This action is non-final, 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-50 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Ciaim(s) _ is/are allowed. 

6) S Glaim(s) 1-35,37-40 and 42-50 is/are rejected. 

7) [3 Claim(s) 36 and 41 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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Attach ment(s) 

1) O Notice of References Cited (PTO-892) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) [><] Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) d Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) ED Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: . 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 20040831 



Application/Control Number: 09/323,415 Page 2 

Art Unit: 2132 

Response to Arguments 

1 . This communication is in response to applicant's response received on May 28, 
2004. 

2. The amendments to claims 33, 36, 38, 40 and 41 are acknowledged and that 
these amendments do not introduce any new matter to the claimed invention. 

3. Applicant's arguments filed May 28, 2004 have been fully considered but they are 
not persuasive. 

4. On page 14, lines 12-17 of Remarks, applicants argue that: "the entry website 
32A does not append the encrypted demographic information to the request as 
originally intercepted by the entry website 32A to create an augmented request, nor 
does it send such an augmented request to a remote website 34A. Instead, the entry 
website 32A generates a redirect response that is sent back to the browser with 
demographic information. It is then incumbent upon the browser to send a new request 
to the remote website 34A." 

Minor discloses a method that a server receives (corresponding to the recited 
intercepting) an end-user request for accessing a remote site (col. 2, lines 44-55; col. 3, 
lines 37-43). User's demographic information is retrieved and encrypted using the 
remote site encryption key. Then the encrypted demographic information is combined 
(corresponding to the recited appending) with the remote site destination address 
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(corresponding to the recited data request) and transmitted to the remote site. The 
remote site destination address is a location on the remote site that the end-user 
intends to access and corresponds to the originally intercepted data request. These 
steps of Minor's method for accessing information located on a remote site by an end- 
user correspond to the limitations of claim 1 . 

5. In light of the above submission the previous rejection of claims 1-35, 37-40 and 
42-50 is maintained as follows. 

Claim Rejections - 35 USC § 102 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 

States. 

Claims 1 , 4-6, 11-15,18, 22, 25, 28, 31 , 33, 38 and 43-50 are rejected under 35 
U.S.C. 102(b) as being anticipated by Minor et al (5,740,252; hereinafter Minor). 

Regarding claims 1, 6, 12 and 22, Minor discloses a method for accessing remote 
data repositories (corresponding to the recited target server) by a computer operator 
(end-user) (see, for example, abstract and col. 2, lines 44-50). The end-user request for 
accessing a remote site is intercepted by an entry web site server that corresponds to 
the recited proxy server (see, for example, col. 5, lines 25-34). The end-user 
demographic information is appended to the end-user request (see, for example, col. 1, 
lines 5-10; col. 2, lines 50-57; col. 3, lines 49-51). Minor also teaches a secure 
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communication and encrypts the demographic information (see, for example, column 4, 
lines 14-15). Minor further discloses that each remote web site (corresponding to the 
recited target server) has an associated encryption key (corresponding to the recited 
session key) that is stored in both entry web site and remote web site servers (see, for 
example, column 4, lines 34-41; column 6, lines 6-10). 

Regarding claims 4, 5 and 28, Minor discloses that the end-user demographic 
information (profile information) are stored in and retrieved from a designated 
database at an entry web site server that corresponds to the recited proxy server 
based on the end-user and Minor further discloses that the end-user computer and 
the web servers are coupled to a network via a network interface (see, for example, 
col. 3, lines 45-59; col. 4, lines 3-6; Fig. 4). 

Regarding claim 1 1 , Minor discloses that the client utilizes a web browser to 
make HTTP requests from the remote web server which is a HTTP server (see, for 
example, column 1, lines 30-40; column 2, lines 5-55; column 7, lines 6-10). 

Regarding claims 13-15, 18, 25 and 31, Minor discloses that the entry web site 
server (corresponding to the recited proxy server) receives a request from user for 
accessing a remote data site. The entry web site server transmits the request to the 
remote data repository that corresponds to the recited information server as stated 
above in the rejection of claim 1 (see, for example, column 4, lines 20-25). At the 
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remote data repository the encrypted user demographic information (profile information) 
is extracted to process user request and to prepare a response for the user (see, for 
example, column 4, lines 25-44 and Fig. 4). 

Regarding claims 33 and 38, these claims are rejected as applied to the like 
elements of claim 1 above and further the following: 

Minor discloses that at the entry web site server (corresponding to the recited 
proxy server), it is determined that to which remote data repository (corresponding to 
the recited target server), the user request should be sent (see, for example, column 4, 
lines 6-13). 

Regarding claim 43-50, Minor discloses: 

The method of claim 13 wherein the encrypted user profile information comprises 
one or more of demographic information, a history of data requests by a user, age of a 
user, gender of a user, or interests of a user (see, for example, column 1 , lines 47-54; 
column 3, lines 49-54 and column 4, lines 42-50). 

Claim Rejections - 35 (JSC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
setforth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the art to which said subject 
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matter pertains. Patentability shall not be negatived by the manner in which the invention was 
made. 

Claims 2, 3, 16, 17, 23, 26, 29, 37 and 42 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Minor et al (5,740,252; hereinafter Minor) in view of Uhler et al 
(2001/0039587 A1 ; hereinafter Uhler). 

Regarding claims 2, 3, 23, 29 and 37, Minor does not expressly disclose the use 
of a reference token to be sent to the remote server along with the subsequent client 
requests. Uhler, however, teaches a method for accessing web server by a client 
through a proxy server that uses a cookie (corresponding to the recited reference token) 
(see, for example, page 6, [0093]-[0094], Fig. 2 and Fig. 4). The cookie is received from 
the web server and it is transmitted back to the web site with the subsequent client 
requests. The cookie is used to determine if the client has the proper authentication. 
The cookie is sent to the client by the web server based on the initial authentication of 
the client which is associated with the demographic information of the client. 

It would have been obvious to a person of ordinary skill in the art, at the time the 
invention was made, to implement the use of cookie (token) as taught in Uhler in the 
system of Minor, because the steps of authenticating the client would not be repeated in 
the subsequent client attempts to access the web site (see Uhler, page 6, [0093]). 

Regarding claim 16, this claim is rejected as applied to the like elements of claim 
1 3 above and further the following: 
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Uhler teaches that the web server sends a cookie (corresponding to the recited 
reference token) along with the response to the client (see, for example, page 6, 
[0093]). 

Regarding claim 17, this claim is rejected as applied to the like elements of 
claims 2 and 13 as stated above. 

Regarding claims 26 and 42, these claims are rejected as applied to the like 
elements of claims 2 and 13 above and further the following: 

Minor discloses that the remote data repository (web server) stores the extracted 
user demographic information (profile information) (see column 6, lines 6-16 and lines 
46-58). 

Claims 7-10, 19-21, 24, 27, 30, 32, 34, 35, 39 and 40 are rejected under 35 

U.S.C. 103(a) as being unpatentable over Minor et al (5,740,252; hereinafter 

Minor) in view of Loeb et al (5,245,656; hereinafter Loeb). 

Regarding claims 7-10, 19-21, 24, 27, 30, 32, 34, 35, 39 and 40, these claims are 
rejected as applied to the like elements of claims 1,13 and 14 as stated above. 
However, Minor does not expressly disclose the use of a session key to encrypt the 
user demographic information and to transmit the session key to a remote site server by 
using public cryptography. Loeb teaches the use of session keys in transmitting user 
profile to a remote site (see, for example, col. 1, line 66-col. 2, line 1 1 and col. 3, line 1- 



Application/Control Number: 09/323,415 Page 8 

Art Unit: 2132 

10). The session keys are transmitted between the servers by use of public key 
cryptography. 

It would have been obvious to a person of ordinary skill in the art, at the time the 
invention was made, to implement the use public key cryptographic technique to 
transmit a session key from one server to another server as taught in Loeb in the 
system of Minor, because it would provide secure transmission of session key over a 
public network (see col. 3, lines 18-25). 

Allowable Subject Matter 

Claims 36 and 41 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 703- 
305-8074. The examiner can normally be reached on M-F 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 703-305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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